Description

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource.

Remediation

References

CVE-2017-12171

Related Vulnerabilities

MySQL CVE-2013-0383 Vulnerability (CVE-2013-0383)

WebLogic CVE-2020-14757 Vulnerability (CVE-2020-14757)

Oracle Database Server CVE-2012-1745 Vulnerability (CVE-2012-1745)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-50721)

WordPress Plugin SoundPress Cross-Site Scripting (2.2.6)

Severity

Medium

Classification

CVE-2017-12171 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities